001    /* Copyright  (c) 2002 Graz University of Technology. All rights reserved.
002     *
003     * Redistribution and use in  source and binary forms, with or without 
004     * modification, are permitted  provided that the following conditions are met:
005     *
006     * 1. Redistributions of  source code must retain the above copyright notice,
007     *    this list of conditions and the following disclaimer.
008     *
009     * 2. Redistributions in  binary form must reproduce the above copyright notice,
010     *    this list of conditions and the following disclaimer in the documentation
011     *    and/or other materials provided with the distribution.
012     *  
013     * 3. The end-user documentation included with the redistribution, if any, must
014     *    include the following acknowledgment:
015     * 
016     *    "This product includes software developed by IAIK of Graz University of
017     *     Technology."
018     * 
019     *    Alternately, this acknowledgment may appear in the software itself, if 
020     *    and wherever such third-party acknowledgments normally appear.
021     *  
022     * 4. The names "Graz University of Technology" and "IAIK of Graz University of
023     *    Technology" must not be used to endorse or promote products derived from 
024     *    this software without prior written permission.
025     *  
026     * 5. Products derived from this software may not be called 
027     *    "IAIK PKCS Wrapper", nor may "IAIK" appear in their name, without prior 
028     *    written permission of Graz University of Technology.
029     *  
030     *  THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED
031     *  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
032     *  WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
033     *  PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE LICENSOR BE
034     *  LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
035     *  OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
036     *  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
037     *  OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
038     *  ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
039     *  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
040     *  OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
041     *  POSSIBILITY  OF SUCH DAMAGE.
042     */
043    
044    package demo.pkcs.pkcs11;
045    
046    import java.io.BufferedReader;
047    import java.io.InputStreamReader;
048    import java.io.PrintWriter;
049    
050    import iaik.pkcs.pkcs11.Module;
051    import iaik.pkcs.pkcs11.Session;
052    import iaik.pkcs.pkcs11.Slot;
053    import iaik.pkcs.pkcs11.Token;
054    import iaik.pkcs.pkcs11.TokenInfo;
055    
056    
057    
058    /**
059     * This program sets the normal user's PIN.
060     *
061     * @author <a href="mailto:Karl.Scheibelhofer@iaik.at"> Karl Scheibelhofer </a>
062     * @version 0.1
063     * @invariants
064     */
065    public class SetPIN {
066    
067      static PrintWriter output_;
068    
069      static BufferedReader input_;
070    
071      static {
072        try {
073          //output_ = new PrintWriter(new FileWriter("GetInfo_output.txt"), true);
074          output_ = new PrintWriter(System.out, true);
075          input_ = new BufferedReader(new InputStreamReader(System.in));
076        } catch (Throwable thr) {
077          thr.printStackTrace();
078          output_ = new PrintWriter(System.out, true);
079          input_ = new BufferedReader(new InputStreamReader(System.in));
080        }
081      }
082    
083      public static void main(String[] args) {
084        if (args.length != 2) {
085          printUsage();
086          System.exit(1);
087        }
088    
089        try {
090    
091            Module pkcs11Module = Module.getInstance(args[0]);
092            pkcs11Module.initialize(null);
093    
094            Slot[] slots = pkcs11Module.getSlotList(Module.SlotRequirement.TOKEN_PRESENT);
095    
096            if (slots.length == 0) {
097              output_.println("No slot with present token found!");
098              System.exit(0);
099            }
100    
101            Token token = null;
102            if (slots.length == 1) {
103              Slot selectedSlot = slots[0];
104              token = selectedSlot.getToken();
105            } else {
106              output_.println("Found several tokens: ");
107              for (int i = 0; i < slots.length; i++) {
108                token = slots[i].getToken();
109                output_.println("________________________________________________________________________________");
110                output_.print("Info of Token number ");
111                output_.println(i);
112                output_.println(token.getTokenInfo());
113                output_.println("________________________________________________________________________________");
114              }
115              output_.println();
116              output_.print("For which token do you want to set the PIN? Please enter its number [0..");
117              output_.print(slots.length);
118              output_.print("]: ");
119              output_.flush();
120              String selectedTokenNumberString = input_.readLine();
121              int selectedTokenNumber = Integer.parseInt(selectedTokenNumberString);
122              token = slots[selectedTokenNumber].getToken();
123            }
124    
125            TokenInfo tokenInfo = token.getTokenInfo();
126    
127            output_.println("################################################################################");
128            output_.println("Information of selsected Token:");
129            output_.println(tokenInfo);
130            output_.println("################################################################################");
131    
132            boolean userType = Session.UserType.USER;
133            if (args[1].equalsIgnoreCase("USER")) {
134              userType = Session.UserType.USER;
135            } else if (args[1].equalsIgnoreCase("SO")) {
136              userType = Session.UserType.SO;
137            } else {
138              output_.println("Unknown user type: " + args[1]);
139              printUsage();
140              pkcs11Module.finalize(null);
141              System.exit(1);
142            }
143            String userTypeName = (userType == Session.UserType.USER) ? "user" : "security officer";
144    
145            output_.println("################################################################################");
146            output_.println("setting " + userTypeName + " PIN");
147    
148            Session session =
149                token.openSession(Token.SessionType.SERIAL_SESSION, Token.SessionReadWriteBehavior.RW_SESSION, null, null);
150            if (tokenInfo.isLoginRequired()) {
151              if (tokenInfo.isProtectedAuthenticationPath()) {
152                session.login(userType, null); // the token prompts the PIN by other means; e.g. PIN-pad
153                session.setPIN(null, null);
154              } else {
155                output_.print("Enter current " + userTypeName + " PIN: ");
156                output_.flush();
157                String pinString = input_.readLine();
158                char[] pin = pinString.toCharArray();
159                // login user
160                session.login(userType, pin);
161    
162                char[] newPIN = null;
163                boolean repeat = false;
164                do {
165                  output_.print("Enter new " + userTypeName + " PIN: ");
166                  output_.flush();
167                  String newPINString = input_.readLine();
168                  output_.print("Enter new " + userTypeName + " PIN again for confirmation: ");
169                  output_.flush();
170                  String confirmedNewPINString = input_.readLine();
171                  if (!newPINString.equals(confirmedNewPINString)) {
172                    output_.println("The two entries do not match. Try again.");
173                    repeat = true;
174                  } else {
175                    newPIN = newPINString.toCharArray();
176                    repeat = false;
177                  }
178                } while (repeat);
179                session.setPIN(pin, newPIN);
180              }
181            } else {
182              output_.println("This token does not require a login. It does not use a PIN.");
183            }
184    
185            output_.println("FINISHED");
186            output_.println("################################################################################");
187    
188            pkcs11Module.finalize(null);
189    
190        } catch (Throwable thr) {
191          thr.printStackTrace();
192        }
193      }
194    
195      public static void printUsage() {
196        output_.println("Usage: SetPIN <PKCS#11 module> (USER|SO)");
197        output_.println(" e.g.: SetPIN pk2priv.dll USER");
198        output_.println("The given DLL must be in the search path of the system.");
199      }
200    
201    }